malwarewikiaorg-20200223-history
MMO scams
Free Robux Generator scams are types of Malware, scams, phishing, and keyloggers which were first found in 2007 after the popular online game ROBLOX introduced their virtual currency Robux and Tickets. Free Robux generator scams are founded in many Fake ROBLOX sites such as gobux.me, Scam games, clickbait ROBLOX games, and in some ROBLOX groups. These spam bots post a link to a phishing site that they claim allows users to get free Robux. Behavior When a user clicks on the page the website may say different things. 1. Downloading A website may claim that the user must download a program before they can get free Robux. They might have a video that claims that the program is working. (When a program is downloaded from one of the "free robux" websites antiviruses may stop it from downloading.) When downloading these programs or when installing, they might ask if the user wants to download other programs (which may also be viruses). This could happen outside and inside the installer. Even if there is a "No" button, it will likely not work and will download the program(s) anyway. This is also called a PUP. When a user downloads the program it will likely ask for their ROBLOX username and password, or confidential details such as credit card numbers. It will then ask how much Robux they would like to add to their account (Tix in older downloads or scams.). When the user selects a amount it will show a fake bar that progresses. When it is done it may say that their request will take a while or is done. If the user attempt logs on to their ROBLOX account after doing this it may be hacked, or they may not be able to log onto their account. Their computer may also have been infected by a lot of viruses. These viruses are usually not malicious and are just PUPs. Sometimes, however, some "free robux" generators can carry RAT's (Remote Access Trojans) and will not open. After "opening" the program, the trojan will not ask for any administrator permissions, and will start a task that will be enabled for startup. The RAT process can be started after booting so that features can be available for the controller even after reboot. Depending on the RAT's type, it can have a keylogger, or even can remotely control your computer. These features can be used to log into accounts, and more. 2. Websites When offered to download the program websites may offer a way to do it through the website alone. Generally the website would look and work exactly the same way as the program they offered. This is different from the program because they don't have "direct" access to the user's computer files, but tend to send spam constantly to the user's email, or in worse cases a email Worm, and phish all your sensitive information. When a user clicks on the Website option they are greeted with the same thing as the program, a username and password requirement. When the user types that in, then they will be asked how much robux they would like to add to their account. This part differs from the program for the fact that the website may pause the bar and makes the user do a captcha to make sure they are human, or claims they must complete a survey or download a program, etc. If there is a captcha, it will likely be false, because if the link is clicked the user will be redirected to a phishing website, where they may be forced to do surveys that take sensitive information such as credit card numbers, addresses, email address, the user's real name and etc. When the user has finished the website "checks" to see if the information is valid. The website will never actually check to see if the information is right, this means the user can type in whatever into the information boxes and it will do the same thing. Once the website has "checked" it says that the user's completion will be sent to the "Free Robux" website, however it never will be. When the user closes the "captcha" and goes back the website will not have changed. This can be different from website to website. Some websites do complete but do nothing. This may be because of PHP, but the Robux will never appear on the users account. At this point the user's email can be filled with spam or email worms and their ROBLOX account will most likely be hacked in a couple of days after visiting the website. 3. Games/Videos When a user logs onto ROBLOX they may find games that say "free robux" however these are just clickbait. The game doesn't give any malware or steal information from the user unless it asks for a username or password. The user can just report the game or not care about it. Videos can be found on YouTube that are clickbait that claim that these generators are real and attempt to explain how they work. The videos don't infect the computer of steal sensitive information, however the websites linked in the videos can infect the computer or steal information. This sometimes may involve going to inspect element in console, or pasting in fake HTML code. Gallery Category:Article stubs Category:Under construction Category:Scam Category:Dangerous Website Category:Virus Category:Trojan Category:Trojan dropper Category:Phishing website Category:Win32 Category:Win32 trojan Category:Win32 virus Category:Browser hijacker Category:Keylogger Category:Fake Category:MacOS trojan Category:MacOS virus